CVE-2014-7189

Опубликовано: 07 окт. 2014

Источник: debian

EPSS Низкий

Описание

crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
golang	fixed	2:1.3.2-1		package
golang	not-affected		wheezy	package

Примечания

https://groups.google.com/forum/#!msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ
https://code.google.com/p/go/source/detail?r=eae0457c101512f59296538f0162749eba325892&name=release-branch.go1.3

EPSS

Процентиль: 52%

0.00286

Низкий

Связанные уязвимости

CVE-2014-7189

ubuntu

больше 11 лет назад

crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors.

CVE-2014-7189

nvd

больше 11 лет назад

crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors.

GHSA-qj74-fm89-4g8f

github

больше 3 лет назад

crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors.

EPSS

Процентиль: 52%

0.00286

Низкий